<?php 
require_once(dirname(__FILE__)."/../../libs/login/login.php");
require_once(dirname(__FILE__)."/../../libs/string/libstr.php");
$mc=new libstr();
$lg=new login();
if($mc->Ismp($_POST["logbtn"])!=""){
	$userid=$_POST["userid"];
	$password=$_POST["password"];
	$code=$_POST["code"];
	if(strtolower($_SESSION["code"])!=strtolower($code)){
		echo "code is wrong";//判断验证码
		exit();	
	}
	
	$msg=$lg->admin_login($userid,$password,$code);
	if(ereg("login is ok",$msg)==1){
		$mb=split("userno=",$msg);
		$userno=$mb[1];
		$qxArr=$lg->getpower($userno);//获取用户权限
		$qx=$qxArr['qx'];  //操作权限
		$cd=$qxArr['cd'];  //菜单权限		
		$usinfo=$lg->getuserinfo($userno);
		$pwid=2;//进入后台的的权限id
		if($lg->ispower($qx,$pwid)){//判断是否可进入后台
			//保存session
			$_SESSION["admin_member"]["userno"]=$userno;
			$_SESSION["admin_member"]["userid"]=$usinfo["userid"];
		    $_SESSION["admin_member"]["rootid"]=$usinfo["rootid"];
			$_SESSION["admin_member"]["quanxian"]=$qx;
			$_SESSION["admin_member"]["caidan"]=$cd;
			echo  "login is ok ";
			exit();
		}else{
			echo  "have no power ";
			exit();
		}
		
	}
	echo $msg;
	
}

//后台修改密码
if($mc->Ismp($_POST["updpwbtn"])){
	$userno=$lg->getsession("admin_member","userno");
	$password=$_POST["oldpassword"];
	$newpassword=$_POST["newpassword"];
	$msg=$lg->update_psw($userno,$password,$newpassword);
	echo $msg;
}

?>